Principal Application Security Engineer

Job not on LinkedIn

🕒 March 28

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of RSA Security

RSA Security

1001 - 5000 employees

🔒 Cybersecurity

☁️ SaaS

🏢 Enterprise

Cybersecurity • SaaS • Enterprise

RSA Security is a leading cybersecurity company that provides identity and access management, multi-factor authentication, and identity governance solutions for cloud, hybrid, and on‑premises environments. Its products (including SecurID and ID Plus) deliver adaptive, risk‑based authentication, passwordless and phishing‑resistant methods, and automated identity lifecycle and governance capabilities for large enterprises and government organizations. RSA’s offerings are delivered as a combination of SaaS and on‑premises software with professional services, training, and support to help organizations implement Zero Trust identity security.

📋 Description

• Drive the development and implementation of advanced security practices, policies, and frameworks to ensure the integrity and confidentiality of our applications. • Provide principal leadership to the application security program, helping set the strategic direction, goals, and objectives to enhance the overall security posture of our applications. • Develop and implement advanced application security practices, including secure coding standards, threat modeling methodologies, and secure software development lifecycle (SDLC) processes. • Conduct in-depth application security assessments, including code reviews, architecture reviews, and penetration testing, to identify and remediate complex security vulnerabilities and risks. • Collaborate closely with development teams, architects, and stakeholders to provide expert guidance on secure coding practices, security design principles, and the selection and implementation of security controls. • Define and maintain application security policies, standards, and guidelines, ensuring alignment with regulatory requirements and industry best practices. • Drive the integration of security into the CI/CD pipeline and automated security testing tools and processes to enable secure and efficient application development and deployment. • Evaluate and recommend emerging technologies, frameworks, and security tools to enhance application security capabilities, scalability, and efficiency. • Lead incident response efforts for application security incidents, working with cross-functional teams to investigate, contain, and remediate security breaches or vulnerabilities. • Stay current with the latest application security threats, vulnerabilities, and attack vectors, and provide strategic recommendations and guidance to mitigate emerging risks. • Serve as a subject matter expert and thought leader on application security, representing the organization in external forums, conferences, and industry working groups.

🎯 Requirements

• Bachelor’s degree in computer science, Information Security, or a related field - or equivalent work experience. • 10+ years of progressive experience in application security, with a focus on securing complex web and mobile applications. • Extensive expertise in application security principles, secure coding practices, secure architecture design, and vulnerability assessment techniques. • Strong knowledge of web and mobile application frameworks, languages, and technologies (e.g., Java, .NET, JavaScript, Python, Android, iOS). • Proven experience conducting advanced application security assessments, including code reviews, architecture reviews, and penetration testing. • Deep understanding of web application security vulnerabilities (OWASP Top Ten), advanced attack techniques, and mitigation strategies. • Demonstrated ability to develop and implement secure software development lifecycle (SDLC) processes and integrate security into DevOps and CI/CD practices. • Expertise in cloud security concepts and practices, with hands-on experience in cloud-native environments (e.g., AWS, Azure, GCP). • Strong scripting or programming skills for automation and tooling (e.g., Python, Bash, PowerShell).

🏖️ Benefits

• Equal employment opportunity • Work environment free of discrimination and harassment • Opportunities for innovation and sharing ideas

Apply Now

Similar Jobs

🕒 March 27

Outseer

201 - 500

💳 Fintech

🔒 Cybersecurity

☁️ SaaS

Principal Application Security Engineer driving security practices for Outseer’s fraud detection hub. Collaborating on application security assessments and integrating security into development processes.

Android

AWS

Azure

Cloud

Google Cloud Platform

iOS

Java

JavaScript

Python

SDLC

.NET